diff --git a/includes/Social/InstantShare.php b/includes/Social/InstantShare.php
index dddc89f4..4f051d13 100644
--- a/includes/Social/InstantShare.php
+++ b/includes/Social/InstantShare.php
@@ -268,6 +268,10 @@ public function instant_share_metabox_data_save($post_id, $post)
      */
     public function instant_share_fetch_profile()
     {
+        if( !current_user_can('edit_post') ) {
+            wp_send_json_error( [ 'message' => __('You are unauthorized to access social profiles.', 'wp-scheduled-posts') ], 401 );
+            wp_die();
+        }
         $allProfile = array();
         // get data from db
         $facebook = \WPSP\Helper::get_social_profile(WPSCP_FACEBOOK_OPTION_NAME);